Posted
by
CmdrTaco
on Thursday April 14, 2011 @07:49AM
from the honor-system-will-work-fine dept.

bonch writes "The latest developer preview of OS X Lion includes a 'do not track' privacy feature in Safari, the latest browser to do so following Mozilla Firefox and Microsoft Internet Explorer. The feature complies with a privacy system backed by the FTC that allows users to declare that they do not wish to be tracked by online advertisers. This leaves Google Chrome as the last prominent browser not to support the feature. As an online advertiser themselves, Google states that they 'will continue to be involved closely' with industry discussions about compliance with the do-not-track system."

Do any of these "Do Not Track" buttons in browsers actually do anything useful, like disable third-party cookies, or does it just amount to an altogether useless "pretty please!" plea to the oh-so-ethical tracking/advertising industry? If the latter, then aren't these fancy "Do Not Track" buttons actually WORSE than nothing since they'll give ignorant users a completely phoney sense of security.

Incognito mode ('porn mode' to its friends) attacks an entirely different class of privacy problem.

The interpersonal privacy compromise problem is a legitimate one. Potentially embarrassing or worse. Incognito mode does a reasonably effective job of stopping that one(I haven't read up on whether or not the latest forensics packages can do anything against it; but the contents of a closed incognito session are safe enough from your roommate/spouse/kids/nosy sibling/etc.)

Against remote 3rd parties, though, incognito mode is highly limited. It does flush cookies when the session is terminated, which is better than nothing; but with most broadband IPs being close to static, it often isn't rocket surgery to correlate and reconstruct user activity even if you lose some cookies(indeed, being able to run an incognito session and a standard session at the same time and on the same host probably makes that easier, unlike the older, cruder methods where the user manually wiped all their sessions after a period of time).